Not sure if this is by design or a bug. If it’s the desired behaviour, just lmk.
If I share an entity with someone and it has a lookup to a linked entity the person does not have access to, they will be able to see it. Except if this lookup is a rich text field. It would be nice to also have rich text fields visible in lookups to those with no access to its entity. But it’s no big deal either. Just inconsistent and might be good to include in user guide.
Actually, from a permission perspective it might be better to only calculate using entities the user has access to. But this might not be possible based on how Lookups and formulas are done in the back end.
I found this when giving a contractor access to a project, they are able to see the total cost of contractors as there’s a formula, but they only have access to their own contractor portal. So while they don’t have permission to the other contractors and their costs, they can see the total project cost (which is based on the other contractors’ costs).
I will just remove the lookup and use the table view with the sum at the bottom. (The downside is that then I can’t sort or filter by the total cost of the project)
Hope this makes sense.
UPDATE AFTER THOUGHT:
The problem lies in the inconsistency actually. If it was you didn’t need permission to see the rich text, I could just put a lookup to it in the contractor portal and give no access to the project portal. If you could only see the things you had access to, then I could give them access to project portal to see the rich text, and they wouldn’t see the (fully calculated) formula which calculates using info they don’t have access to.
This is currently expected:
- Lookups of basic Fields such as Number, Date, or Location act as regular Fields when it comes to permissions. Meaning if someone has access to the target entity, they will see the Field values.
- Lookups of rich text Fields work differently: one needs access to the source entity.
- Lookups of relation Fields are different as well: unless one has access to the entity linked in a relation, they will see `Private <entity>`.
You are correct about formulas and lookups calculated per workspace, not per user. Although I’m not sure that the situation when two teammates see different numbers in `Total Cost` formula depending on their permissions is desired even if the engineering wasn’t a problem.
Rich-text Lookups behaviour is a side effect of the current technical implementation. If there’s enough demand, we might consider consolidating their behavior with the basic Fields.
Okay makes sense.
True, it might indeed not be a problem. The problem is the inconsistency.
All lookups viewable:
Share the RTF in the lookup for the contractor on the “Project contractor” entity.
Only lookups you have permissions to:
Share the project itself with contractors. They will see the brief on there, and no other sensitive info they don’t have access to.
My workaround for now is a button automation to “Send to Contractors” that copies the rich text into the related contractors. It works (and might be even better)! And I could even set up as a rule for as it’s changing to update the others. But this was how I stumbled upon this weird difference in behaviour. Again, not the end of the world, just a bit funky behaviour that I wasn’t sure if it was flagged. And thought it might be good to include in the user guide.
Thanks Anton!